This article is reproduced from serverfault.com.

Blazor WebAssembly Azure B2C Error: AADB2C90205 (insufficient permissions)

Published on 2020-11-27 14:26:28

I created a sample Blazor WebAssembly app to be secured with Azure B2C using the steps outlined in the Microsoft docs article: https://docs.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/hosted-with-azure-active-directory-b2c?view=aspnetcore-3.1.

The application works except for the authentication. The B2C modal loads to sign-in, but then the UI displays the following error message.

There was an error trying to log you in: 'AADB2C90205: This application does not have sufficient permissions against this web resource to perform the operation.'

Here are some redacted screenshots for my B2C configuration (I'm sure the code is correct as it's the default code generated from the dotnet new CLI command).

Any ideas on the configuration error?

[Screenshot: App Registrations]

[Screenshot: API - Overview]

[Screenshot: API - Authentication]

[Screenshot: API - Expose an API]

[Screenshot: Client - Overview]

[Screenshot: Client - Authentication]

[Screenshot: Client - API Permissions]

[Screenshot: Sign-up/in User Flow - Overview]

[Screenshot: Sign-up/in User Flow - User Attributes]

[Screenshot: Sign-up/in User Flow - Application Claims]

Questioner: TheMagnificent11
TheMagnificent11 2020-12-02 22:13:22

So it turns out the issue was actually in the code.

I missed a note section in the docs that said I had to manually edit the client app code if the API ID URI was an untrusted publisher domain similar to https://contoso.onmicrosoft.com/41451fa7-82d9-4673-8fa5-69eff5a761fd, which it was in my case.

Removing the extra https://{TENANT DOMAIN}/ in the Program.cs of the client app fixed things (note the difference between the commented-out line and the line that comes after).

using System.Threading.Tasks;
using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
using Microsoft.Extensions.DependencyInjection;

namespace BlazorClient
{
    public class Program
    {
        public static async Task Main(string[] args)
        {
            ...  // elided in the original answer: host builder creation and root component setup

            builder.Services.AddMsalAuthentication(options =>
            {
                builder.Configuration.Bind("AzureAdB2C", options.ProviderOptions.Authentication);
                // Wrong: the App ID URI is already a full https:// URI, so prefixing it with
                // https://{TENANT DOMAIN}/ a second time yields a scope B2C rejects with AADB2C90205.
                //options.ProviderOptions.DefaultAccessTokenScopes.Add("https://***.onmicrosoft.com/https://***.onmicrosoft.com/*******/blazor.client");
                // Correct: {App ID URI}/{scope name}
                options.ProviderOptions.DefaultAccessTokenScopes.Add("https://***.onmicrosoft.com/*******/blazor.client");
            });

            await builder.Build().RunAsync();
        }
    }
}
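The scope string MSAL requests is simply the API's App ID URI followed by the scope name, and the answer above shows what happens when the tenant-domain prefix is applied to an App ID URI that is already a full URI. The helper below is an added example, not code from the original post or from the Blazor template: it builds the scope from the App ID URI shown under "Expose an API", only prefixing https://{TENANT DOMAIN}/ when the value is a bare identifier, and it flags the doubled-prefix shape that produced AADB2C90205. The class name `B2CScope`, the method names and the sample tenant, GUID and scope values are constructed for illustration.

```csharp
using System;

// Added example (not from the original post): build and sanity-check the
// DefaultAccessTokenScopes value for a Blazor WebAssembly client against Azure B2C.
public static class B2CScope
{
    // appIdUri: the App ID URI as shown under "Expose an API" for the API registration.
    //   Either a full URI such as "https://contoso.onmicrosoft.com/<guid>" (untrusted
    //   publisher domain form) or "api://<client-id>", or a bare identifier.
    // scopeName: the scope defined on the API, e.g. "blazor.client".
    // tenantDomain: used only when appIdUri is a bare identifier.
    public static string Build(string appIdUri, string scopeName, string tenantDomain)
    {
        if (Uri.TryCreate(appIdUri, UriKind.Absolute, out _))
        {
            // Already a full URI: do NOT prefix it with https://{TENANT DOMAIN}/ again.
            return $"{appIdUri.TrimEnd('/')}/{scopeName}";
        }

        // A bare identifier (for example just the GUID): the tenant domain supplies the host.
        return $"https://{tenantDomain}/{appIdUri.Trim('/')}/{scopeName}";
    }

    // True when a second scheme separator appears inside the scope, i.e. the
    // "https://tenant/https://tenant/..." shape that B2C rejects with AADB2C90205.
    public static bool HasDoubledPrefix(string scope)
    {
        int first = scope.IndexOf("://", StringComparison.Ordinal);
        return first >= 0 && scope.IndexOf("://", first + 3, StringComparison.Ordinal) >= 0;
    }

    public static void Main()
    {
        // Constructed sample values (hypothetical tenant and GUID).
        const string tenant = "contoso.onmicrosoft.com";
        const string guid = "41451fa7-82d9-4673-8fa5-69eff5a761fd";
        const string fullAppIdUri = "https://" + tenant + "/" + guid;

        string good = Build(fullAppIdUri, "blazor.client", tenant);
        string alsoGood = Build(guid, "blazor.client", tenant);
        string bad = "https://" + tenant + "/" + fullAppIdUri + "/blazor.client";

        Console.WriteLine($"{good}  doubled={HasDoubledPrefix(good)}");
        Console.WriteLine($"{alsoGood}  doubled={HasDoubledPrefix(alsoGood)}");
        Console.WriteLine($"{bad}  doubled={HasDoubledPrefix(bad)}");
    }
}
```

Running `HasDoubledPrefix` over the configured scope at startup (or in a unit test of the client's configuration) turns the opaque AADB2C90205 sign-in failure into a clear configuration error before any redirect to B2C happens.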